Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

12/10/2014
05:00 PM
Sara Peters
Sara Peters
Quick Hits
Connect Directly
Twitter
RSS
E-Mail
100%
0%

Ex-NSA Agents' Security Startup Lands $8 Million In Funding

Area 1 Security, launched in May, uses behavioral data to stop early-stage attacks from going further.

Area 1 Security, a security startup created by three ex-NSA agents and pros from Disney and MIT, landed $8.5 million in its first round of funding today. The company launched in May with $2.5 million in seed funding.

The company's sweet spot is early-stage targeted attacks. It identifies malicious activity quickly, assesses it to determine which may pose the most sophisticated threat (for example, which has been launched by a nation-state), and stops attackers in their tracks before they can do real damage.

Area 1 does this through behavioral analysis. It collects data from a platform of sensors and looks for any abnormalities -- timing, content, user interaction, method of delivery, or anything else that might raise eyebrows or red flags.

"It's very hard to pretend to be normal," says Oren Falkowitz, founder and CEO of Area 1. No matter how clever an attack is, there are real people behind it, crafting a phishing message, making a plan, and unconsciously doing all sorts of subtle things that give them away.

Conventional security measures tend to discover attacks by looking for malware residue, so attackers can compromise an organization and lurk within it for 229 days, on average, before they're discovered, says Falkowitz. Area 1 Security's technology can shorten that time to discovery to minutes or hours.

The service doesn't stop there, though. Once it has given the company the bad news, Area 1 helps it decide how to remediate the problem. The new funding will largely go to improving that capability and making it more adaptable and user-friendly, says Falkowitz.

Since it launched, Area 1 has expanded from a team of five to a team of 13, adding talent from FireEye, Cisco, and others with strong operational experience in security. In response to comments that the recent mammoth attack on Sony was "unprecedented," Falkowitz dismissed that description. "Our team has seen these things before."

The Area 1 technology is not yet commercially available, but it is running a pilot program at a large financial institution.

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
ODA155
100%
0%
ODA155,
User Rank: Ninja
12/11/2014 | 10:41:11 AM
Re: Pro or con?
"Area 1 does this through behavioral analysis. It collects data from a platform of sensors and looks for any abnormalities -- timing, content, user interaction, method of delivery, or anything else that might raise eyebrows or red flags."

Am I understanding this correctly, the computer you're using, as well as other "sensors" around the network would be spying on me... and I would have to agree to that as part of my job? It's hard enough to find a competent candidate for any specific job, good luck findin one who wants to work under those conditions.

Maybe they should have had that at the NSA then maybe GB's of data would not have walked out the front door.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
12/11/2014 | 9:23:02 AM
Re: Pro or con?
Why is 'ex-NSA' considered a selling point?
Not necessarily a selling point, just a point of information. It's up to the customer to make the judgement of valuable or not, @geriatric. Then again, perhaps even the world's most notorious ex-NSA'er (Edward Snowden) will one day have a comeback in a commercial venture, a la Kevin Mitnick! Stranger things happen.
geriatric
50%
50%
geriatric,
User Rank: Moderator
12/11/2014 | 7:27:50 AM
Re: Pro or con?
Ha-ha! My thoughts exactly. And just exactly why is 'ex-NSA' considered a selling point?
Thomas Claburn
100%
0%
Thomas Claburn,
User Rank: Ninja
12/10/2014 | 6:15:30 PM
Pro or con?
So does the involvement of former NSA employees mean this software will be more secure, less secure, or about the same?
Data Leak Week: Billions of Sensitive Files Exposed Online
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/10/2019
Intel Issues Fix for 'Plundervolt' SGX Flaw
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5252
PUBLISHED: 2019-12-14
There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant.
CVE-2019-5235
PUBLISHED: 2019-12-14
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
CVE-2019-5264
PUBLISHED: 2019-12-13
There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition...
CVE-2019-5277
PUBLISHED: 2019-12-13
Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation.
CVE-2019-5254
PUBLISHED: 2019-12-13
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board m...